ГлавнаяУязвимости → CVE-2024-4872
9.9критическая

CVE-2024-4872

→ есть в БДУ: BDU:2025-04967 (на русском)
Описание (на английском; русское — в БДУ выше)

A vulnerability exists in the query validation of the MicroSCADA Pro/X SYS600 product. If exploited this could allow an authenticated attacker to inject code towards persistent data. Note that to successfully exploit this vulnerability an attacker must have a valid credential.

Затрагиваемое ПО
Hitachienergy Microscada pro sys600Hitachienergy Microscada x sys600
CVSS
Балл9.9 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Источники
https://publisher.hitachienergy.com/preview?DocumentID=8DBD000160&LanguageCode=en&DocumentPartId=&Action=Launch